Check returncode from SSL_CTX_set_cipher_list()

author Jeremy Harris <jgh146exb@wizmail.org>

Thu, 13 Sep 2018 16:17:22 +0000 (17:17 +0100)

committer Jeremy Harris <jgh146exb@wizmail.org>

Thu, 13 Sep 2018 16:18:50 +0000 (17:18 +0100)
author Jeremy Harris <jgh146exb@wizmail.org>
Thu, 13 Sep 2018 16:17:22 +0000 (17:17 +0100)
committer Jeremy Harris <jgh146exb@wizmail.org>
Thu, 13 Sep 2018 16:18:50 +0000 (17:18 +0100)
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c

index 53a967a196eb55da4f35009bf2f0db9dc934a332..0cf66279a506597ed1fb6cac51f0663cc22b2337 100644 (file)
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -1248,8 +1248,10 @@ if (  !init_dh(server_sni, cbinfo->dhparam, NULL, &dummy_errstr)
     )
    return SSL_TLSEXT_ERR_NOACK;
  
-if (cbinfo->server_cipher_list)
-  SSL_CTX_set_cipher_list(server_sni, CS cbinfo->server_cipher_list);
+if (  cbinfo->server_cipher_list
+   && !SSL_CTX_set_cipher_list(server_sni, CS cbinfo->server_cipher_list))
+  return SSL_TLSEXT_ERR_NOACK;
+
  #ifndef DISABLE_OCSP
  if (cbinfo->u_ocsp.server.file)
    {
author	Jeremy Harris <jgh146exb@wizmail.org>
	Thu, 13 Sep 2018 16:17:22 +0000 (17:17 +0100)
committer	Jeremy Harris <jgh146exb@wizmail.org>
	Thu, 13 Sep 2018 16:18:50 +0000 (17:18 +0100)